Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    winPEASx64.exe

  • Size

    2.3MB

  • Sample

    240430-nvl2gabb84

  • MD5

    1f7f204d5ca9437dbb364b7d28eb71a5

  • SHA1

    5d79c1d2e799596f32a28bb68d966b4efcd608c8

  • SHA256

    39210402176e6bf813dbff36370978a66505dc7a25008841e5225603ccbcb8e6

  • SHA512

    b0782e6c4302fdc5349266adbfcd0865735dbff4874c69e0773deec2afea6062bb37df04d6db9ce46626b9e6fb4474c2e7858556ef6af09a45ca9d1a2d9890be

  • SSDEEP

    24576:ocQmqUZRcomnDIi/W7m/EsH1LsPlNKkThXHL5gZm3T:kmDXmn8i/WaE+El4kBHL5gk

Malware Config

Targets

    • Target

      winPEASx64.exe

    • Size

      2.3MB

    • MD5

      1f7f204d5ca9437dbb364b7d28eb71a5

    • SHA1

      5d79c1d2e799596f32a28bb68d966b4efcd608c8

    • SHA256

      39210402176e6bf813dbff36370978a66505dc7a25008841e5225603ccbcb8e6

    • SHA512

      b0782e6c4302fdc5349266adbfcd0865735dbff4874c69e0773deec2afea6062bb37df04d6db9ce46626b9e6fb4474c2e7858556ef6af09a45ca9d1a2d9890be

    • SSDEEP

      24576:ocQmqUZRcomnDIi/W7m/EsH1LsPlNKkThXHL5gZm3T:kmDXmn8i/WaE+El4kBHL5gk

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks